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Continued Examination Under 37 CFR LI 14 

1 . A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1.17(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.1 14. Applicants submission filed on March 17 th , 2004 has been entered. 

Terminal Disclaimer 

2. The terminal disclaimer filed on March 1 8 th , 2004 disclaiming the terminal portion of any 
patent granted on this application which would extend beyond the expiration date of 09/688,456 
has been reviewed and is accepted. The terminal disclaimer has been recorded. 

Response to Arguments 

3. Applicant's arguments with respect to claims 1-120 have been considered but are moot in 
view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 
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5. Claims 1-120 are rejected under 35 U.S.C. 103(a) as being unpatentable over Leon (U.S. 
Patent No 6,424,954) in view Cordery et al (U.S. Patent No. 6,567,794). 

6. As per claim 1, Leon teaches a cryptographic device (SMD, 110a, 110b comprise a 
cryptographic module) for securing data on a computer network (network 100a f 100b, fig 1A, 
IB) comprising a processor (processor, 210) programmed to authenticate (authenticate) a 
plurality of users (users, 120, fig 1A, IB) on the computer network (network 100a, 100b, fig I A, 
IB) for secure processing of a value bearing item (postal indicium, fig 9) wherein the processor 
include a state machine for determine a state corresponding to availability of one or more 
commands (see abstract, figs 5a -7, column 9 line 35-67), a cryptographic engine (cryptographic 
module) for cryptographically protecting data, and an interface (interface, 222, 236, fig 2A) for 
communicating with the computer network (see column 4 line 21-55). Leon fails to teach a 
memory for storing security device transaction data for ensuring authenticity of a user, wherein 
the security device transaction data is related to the one of the plurality of users and a the 
cryptographic module is remotely located from the user and module for processing value of the 
value bearing item. However, Cordery et al teaches a memory for storing security device 
transaction data for ensuring authenticity of a user, wherein the security device transaction data 
is related to the one of the plurality of users (see abstract, fig 1, 4, 5, column 4 line 23-49) and a 
cryptographic module is remotely located from the user and module for processing value of the 
value bearing item (see figs 1, 3 and 5, column 1 lines 24-65). Therefore, it would have been 
obvious to one of ordinary skill in the art at the time the invention was made to modify Leon's 
inventive concept to include Cordery et aFs memory for storing security device transaction data 
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for ensuring authenticity of a user, wherein the security device transaction data is related to the 
one of the plurality of users and a the cryptographic module is remotely located from the user 
and module for processing value of the value bearing item because this would have protected the 
privacy of those transaction and the privacy of the user thereby making easier for the system to 
retrieve and identify the user of the system thereby eliminated stolen and relocated meter 
problems and simplifies meter management in general. 

7. As per claims 2-8, Leon teaches a cryptographic device wherein the state machine 
includes one or more of an uninitialized state, an initialized state, an operational state, an 
administrative state, an exporting shares state, an importing shares state, and an error state (see 
abstract, figs 5a -7, column 9 line 59-67), 

8. As per claim 9, Leon teaches a cryptographic device wherein on or more command 
corresponding to the uninitialized state includes a command for start initializing (figs 6a-6e, 
column 10 lines 10-16). 

9. As per claim 10, Leon teaches a cryptographic device wherein the one or more 
commands corresponding to the initialized state includes commands for one or more of get status 
command, initialize access control database command, logon command, logoff command, query 
current user role command, query current user ED command, session management commands, 
audit entry creation command, generate master key set command, and generate transport key pair 
commands (see abstract, figs 5a -7, column 10 lines 10-16, 13 lines 26-47). 
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10. As per claim 11, Leon teaches a cryptographic device wherein the one or more 
commands corresponding to the operational state include commands for one or more of access 
control, session management, key management, and audit support {see column 11 lines 36-43). 

11. As per claim 12, Leon teaches a cryptographic device wherein the commands for access 
control include one or more of transition to administrative state command, logon command, 
logoff command, query current user role command, query current user ID command, view access 
control database command, change password command, set clock command, and set Status 
command {see fig 5b, column 13 lines 63-14 line 31). 

12. As per claim 13, Leon teaches the inventive concept as disclosed in claims 1 and 1 1 . 
Leon fail to teach a cryptographic device wherein the commands for session management 
include one or more of open session command, close Session command, compute session MAC 
command, verify session, MAC command, session encrypt command, and session decrypt 
command. However, Cordery et al teaches a cryptographic device wherein the commands for 
session management include one or more of open session command, close Session command, 
compute session MAC command, verify session, MAC command, session encrypt command, 
and session decrypt command {see abstract, fig 1, 4 f 5, column 4 line 23-49). Therefore, it would 
have been obvious to one of ordinary skill in that art at the time the invention was made to 
modify Leon's inventive concept to include Cordery et al's cryptographic device wherein the 
commands for session management include one or more of open session command, close Session 
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command, compute session MAC command, verify session, MAC command, session encrypt 
command, and session decrypt command because this would have avoided the need for key 
encryption in the user's computer. 

13. As per claim 14, Leon teaches a cryptographic device wherein the commands for key 
management include one or more of export transport public key command, start importing MKS 
command, create MKS shares command, generate MKS command, activate MKS command, 
delete dormant MKS command, global decrypt and MAC command, compute MAC command, 
verify MAC, and encryption and MAC translation commands (see column 13 lines 36-62). 

14. As per claim 15, Leon teaches a cryptographic device wherein the commands for audit 
support include one or more of create audit entry command, create audit key command, and 
export audit verification key command (see abstract, figs 5f, see column 18 line 18-40, 24 line 
60-25 line 5). 

15. As per claim 16, Leon teaches a cryptographic device wherein the one or more 
commands corresponding to the administrative state include commands for one or more of create 
account command, delete account command, modify account command, view access control 
database command, end admin command, logon command, logoff command, query current user 
role command, query current user ID command, set clock command, get status command, 
session management commands, and audit entry creation command (see abstract, figs 5a -7, see 
column 9 line 35-67). 
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16. As per claim 17, Leon teaches a cryptographic device wherein the one or more 
commands corresponding to the exporting shares state include commands for one or more of 
logon command, logoff command, query Current User Role command, query current user ID 
command, export share command, abort export command, get status command, session 
management commands, and audit entry creation command {see column 8 line 63-9 line 19). 

17. As per claim 18, Leon teaches a cryptographic device wherein the one or more 
commands corresponding to the importing shares state include command for one more of logon 
command, logoff command, query current user role command, query current user ID command, 
export transport public key command, import share command, combine shares command, set 
status command, session management commands, and audit entry creation command {see 
column 8 line 63-9 line 19). 

18. As per claim 1 9, Leon teaches a cryptographic device wherein the one or more 
commands corresponding to the error state include commands for one or more of get status 
command, and access control queries command {see column 10 lines 39-46). 

19. As per claim 20, Leon teaches a cryptographic device further comprising computer 
executable code to keep track of a present operational state (see abstract, figs 5a -7, see column 
9 line 35-67). 
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20. As per claim 21, Leon teaches a cryptographic device wherein the processor is 
programmed to verify that the authenticated user is authorized to assume a role and perform a 
corresponding operation (see fig 5A, column 12 lines 30-42, table 1 in column 12). 

21 . As per claim 22, Leon teaches a cryptographic device wherein the cryptographic device 
includes a computer executable code for preventing unauthorized disclosure of data (see fig 5E- 
5E-2, column 17 lines 47-54, 19 lines 33-42). 

22. As per claim 23, Leon teaches a cryptographic device wherein the cryptographic device 
includes a computer executable code for supporting multiple concurrent users and maintaining a 
separation of roles and operations performed by each user (see fig lA t IB). 

23. As per claims 24-27, Leon teaches a cryptographic device wherein the value bearing 
item include a postage value including a postal indicium comprises a digital signature, a 
postage amount, an ascending register of used postage and descending register of available 
postage (see fig 8F, table 3 column 42). 

24. As per claim 28-33, Leon teaches a cryptographic device wherein the value bearing item 
is a ticket, a bar code, a coupon, a currency, a traveler's check, a voucher (see fig 9). 

25. As per claim 34, Leon teaches a cryptographic device wherein each security device 
transaction data includes an ascending register value, a descending register value, a respective 
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cryptographic device ID, an indicium key certificate serial number, a licensing ZIP code, a key 
token for an indicium signing key, user secrets, a key for encrypting user secrets, data and time 
of last transaction, last challenge received from a respective client subsystem, an operational 
state of the respective device, expiration dates for keys, and a passphrase repetition list {see fig 
8F, table 3 column 42). 

26. As per claim 35, Leon teaches a cryptographic device wherein each security device 
transaction data includes information to define the present operational state of the device (see 
abstract, figs 5a -7, see column 9 line 35-67) 

27. As per claim 36, Leon teaches a cryptographic device wherein the processor is capable of 
sharing a secret with a plurality of other cryptographic devices {see column 13 lines 48-62). 

28. As per claim 37-40, Leon teaches a cryptographic device wherein the processor and the 
cryptographic engine generate a master key set (MKS) including a Master Encryption Key 
(MEK) used to encrypt keys when stored outside the device and a Master Authentication Key 
(MAK) used to compute a DES MAC for signing keys when stored outside of the device 
exported to other cryptographic devices by any cryptographic device and wherein the 
cryptographic engine is programmed to perform one or more of Rivest, Shamir and Adleman 
(RSA) public key encryption, DES, Triple-DES, DSA signature, SHA-1, and Pseudo-random 
number generation algorithms {see column 13 lines 48-62). 
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29. As per claim 41, Leon teaches a cryptographic device wherein at least one of the plurality 
of users is an enterprise account (see fig 1). 

30. As per claims 42 and 44, Leon teaches a method for securing (SMD, 1 10a, 11 0b 
comprise a cryptographic module) data {postal/metering information) on a computer network 
(network 100a t 100b t fig 1A, IB) including a plurality of users (users, 120, fig 1A, IB) 
comprising authenticating (authenticate) and authorizing (authorizing) the plurality of users 
(users, 120, fig 1A, IB) for secure processing of a value bearing item (postal indicium, fig 9) 
and determining a state machine for availability of one or more commands (see abstract, figs 
5a -7, column 9 line 35-67). Leon fails to teach a memory for storing security device transaction 
data for ensuring authenticity of a user, wherein the security device transaction data is related to 
the one of the plurality of users and a the cryptographic module is remotely located from the user 
and module for processing value of the value bearing item. However, Cordery et al teaches a 
memory for storing security device transaction data for ensuring authenticity of a user, wherein 
the security device transaction data is related to the one of the plurality of users (see abstract, fig 
1, 4, 5, column 4 line 23-49) and a cryptographic module is remotely located from the user and 
module for processing value of the value bearing item (see figs 1, 3 and 5, column 1 lines 24-65). 
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention 
was made to modify Leon's inventive concept to include Cordery et al's memory for storing 
security device transaction data for ensuring authenticity of a user, wherein the security device 
transaction data is related to the one of the plurality of users and a the cryptographic module is 
remotely located from the user and module for processing value of the value bearing item 
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because this would have protected the privacy of those transaction and the privacy of the user 
thereby making easier for the system to retrieve and identify the user of the system thereby 
eliminated stolen and relocated meter problems and simplifies meter management in general. 

31. As per claim 43, Leon teaches a method for securing of printing the value bearing item 
{see fig 9). 

32. As per claim 45, Leon teaches a method for securing of loading a security device 
transaction data related to the cryptographic device when the user requests to operate on a value 
bearing item {see column 9 lines 1-10). 

33. As per claim 46, Leon teaches a method for securing of authenticating the identity of 
each user and verifying that the identified user is authorized to assume a role and to perform a 
corresponding operation {see column 8 line 45-61). 

34. As per claims 47-53, Leon teaches a method wherein the state machine includes one or 
more of an uninitialized state, an initialized state, an operational state, an administrative state, an 
exporting shares state, an importing shares state, and an error state (see abstract, figs 5a -7, see 
column 9 line 35-67). 

35. As per claim 54, Leon teaches a method wherein on or more command corresponding to 
the uninitialized state includes a command for start initializing {see figs 5A t 5B, 6). 
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36. As per claim 55, Leon teaches a method wherein the one or more commands 
corresponding to the initialized state includes commands for one or more of get status command, 
initialize access control database command, logon command, logoff command, query current 
user role command, query current user ID command, session management commands, audit 
entry creation command, generate master key set command, and generate transport key pair 
commands (see fig 5 A, 5B, column 10 line 10-16), 

37. As per claim 56, Leon teaches a method wherein the one or more commands 
corresponding to the operational state include commands for one or more of access control, 
session management, key management, and audit support (see abstract, figs 5fi see column 18 
line 18-40, 24 line 60-25 line 5). 

38. As per claim 57, Leon teaches a method wherein the commands for access control 
include one or more of transition to administrative state command, logon command, logoff 
command, query current user role command, query current user ID command, view access 
control database command, change password command, set clock command, and set Status 
command (see column 8 line 45-62). 

39. As per claim 58, Leon teaches the inventive concept as disclosed in claims 1 and 11. 
Leon fails to teach a cryptographic device wherein the commands for session management 
include one or more of open session command, close Session command, compute session MAC 
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command, verify session, MAC command, session encrypt command, and session decrypt 
command. However, Cordery et al teaches a cryptographic device wherein the commands for 
session management include one or more of open session command, close Session command, 
compute session MAC command, verify session, MAC command, session encrypt command, 
and session decrypt command (see abstract, fig 1, 4, 5, column 4 line 23-49). Therefore, it would 
have been obvious to one of ordinary skill in that art at the time the invention was made to 
modify Leon's inventive concept to include Cordery et aPs cryptographic device wherein the 
commands for session management include one or more of open session command, close Session 
command, compute session MAC command, verify session, MAC command, session encrypt 
command, and session decrypt command because this would have avoided the need for key 
encryption in the user's computer. 

40. As per claim 59, Leon teaches a method wherein the commands for key management 
include one or more of export transport public key command, start importing MKS command, 
create MKS shares command, generate MKS command, activate MKS command, delete dormant 
MKS command, global decrypt and MAC command, compute MAC command, verify MAC, 
and encryption and MAC translation commands (see fig 5E-5E-2, column 17 lines 47-54, 19 
lines 33-42). 

41 . As per claim 60, Leon teaches a method wherein the commands for audit support include 
one or more of create audit entry command, create audit key command, and export audit 
verification key command (see abstract, figs 5f t see column 18 line 18-40, 24 line 60-25 line 5). 
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42. As per claim 61, Leon teaches a method wherein the one or more commands 
corresponding to the administrative state include commands for one or more of create account 
command, delete account command, modify account command, view access control database 
command, end admin, command, logon command, logoff command, query current user role 
command, query current user ID command, set clock command, get status command, session 
management commands, and audit entry creation command (see column 8 lines 63-9 line 33). 

43. As per claim 62, Leon teaches a method wherein the one or more commands 
corresponding to the exporting shares state include commands for one or more of logon 
command, logoff command, query Current User Role command, query current user ID 
command, export share command, abort export command, get status command, session 
management commands, and audit entry creation command (see fig 5A, column 12 lines 30-42, 
table 1 in column 12). 

44. As per claim 63, Leon teaches a method wherein the one or more commands 
corresponding to the importing shares state include command for one more of logon command, 
logoff command, query current user role command, query current user ID command, export 
transport public key command, import share command, combine shares command, set status 
command, session management commands, and audit entry creation command (see fig 5 A, 
column 12 lines 30-42, table 1 in column 12). 
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45. As per claim 64, Leon teaches a method wherein the one or more commands 
corresponding to the error state include commands for one or more of get status command, and 
access control queries command (see column 10 lines 39-46). 

46. As per claims 65-68, Leon teaches a method of printing a postage value including a 
postal indicium comprises a digital signature, a postage amount, an ascending register of used 
postage and descending register of available postage (see fig 8F, table 3 column 42). 

47. As per claim 69-71, Leon teaches a method or printing a ticket, a bar code, a coupon, 
(see fig 9). 

48. As per claim 72, Leon teaches a security system (SMD, 110a, 110b comprise a 
cryptographic module) for securing data (postal/metering information) in a computer network 
(network 100a f 100b t fig 1A, IB) comprising a plurality of user terminals (users, 120, fig 1A, IB) 
coupled (connected) to the computer network (network 100a, 100b, fig 1A, IB), a cryptographic 
device (cryptographic key) remote from the plurality of user terminals and coupled to the 
computer network, wherein the cryptographic device (SMD, 110a, 110b comprise a 
cryptographic module) includes a state machine (state diagram/method, fig 6A) for determining 
a state machine for availability of one or more commands available to authenticating user. Leon 
fails to teach a plurality of security device transaction data for ensuring authenticity of the one or 
more users, wherein each security device transaction data is related to a user and of managing 
value of available to user. However, Cordery et al teaches a plurality of security device 
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transaction data for ensuring authenticity of the one or more users, wherein each security device 
transaction data is related to a user (see abstract, fig 1, 4, 5, column 4 line 23-49) and of 
managing value of available to user (see figs 1, 3 and 5, column J lines 24-65). Therefore, it 
would have been obvious to one of ordinary skill in the art at the time the invention was made to 
modify Leon's inventive concept to include Cordery et al's a plurality of security device 
transaction data for ensuring authenticity of the one or more users, wherein each security device 
transaction data is related to a user and of managing value of available to user because this would 
have protected the privacy of those transaction and the privacy of the user thereby making easier 
for the system to retrieve and identify the user of the system thereby eliminates stolen and 
relocated meter problems and simplifies meter management in general. 

49. As per claim 73, Leon teaches a security system wherein the security device transaction 
data related to a user is loaded into the cryptographic device when the user requests to operate on 
a value bearing item (see fig 9). 

50. As per claims 74-80, Leon teaches a method wherein the state machine includes one or 
more of an uninitialized state, an initialized state, an operational state, an administrative state, an 
exporting shares state, an importing shares state, and an error state (see abstract, figs 5a -7, see 
column 9 line 35-67). 

51. As per claim 81, Leon teaches a method wherein on or more command corresponding to 
the uninitialized state includes a command for start initializing (see figs 5 A, 5B, 6). 
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52. As per claim 82, Leon teaches a method wherein the one or more commands 
corresponding to the initialized state includes commands for one or more of get status command, 
initialize access control database command, logon command, logoff command, query current 
user role command, query current user ID command, session management commands, audit 
entry creation command, generate master key set command, and generate transport key pair 
commands (see fig 5A, 5B, column 10 line 10-16). 

53. As per claim 83, Leon teaches a method wherein the one or more commands 
corresponding to the operational state include commands for one or more of access control, 
session management, key management, and audit support (see abstract, figs 5fi see column 18 
line 18-40, 24 line 60-25 line 5). 

54. As per claim 84, Leon teaches a method wherein the commands for access control 
include one or more of transition to administrative state command, logon command, logoff 
command, query current user role command, query current user ID command, view access 
control database command, change password command, set clock command, and set Status 
command (see column 8 line 45-62). 

55. As per claim 85, Leon teaches the inventive concept as disclosed in claims 1 and 1 1 . 
Leon fails to teach a cryptographic device wherein the commands for session management 
include one or more of open session command, close Session command, compute session MAC 
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command, verify session, MAC command, session encrypt command, and session decrypt 
command. However, Cordery et al teaches a cryptographic device wherein the commands for 
session management include one or more of open session command, close Session command, 
compute session MAC command, verify session, MAC command, session encrypt command, 
and session decrypt command {see abstract, fig 1, 4, 5, column 4 line 23-49). Therefore, it would 
have been obvious to one of ordinary skill in that art at the time the invention was made to 
modify Leon's inventive concept to include Cordery et al's cryptographic device wherein the 
commands for session management include one or more of open session command, close Session 
command, compute session MAC command, verify session, MAC command, session encrypt 
command, and session decrypt command because this would have avoided the need for key 
encryption in the user's computer. 

56. As per claim 86, Leon teaches a method wherein the commands for key management 
include one or more of export transport public key command, start importing MKS command, 
create MKS shares command, generate MKS command, activate MKS command, delete dormant 
MKS command, global decrypt and MAC command, compute MAC command, verify MAC, 
and encryption and MAC translation commands {see fig 5E-5E-2, column 1 7 lines 47-54, 19 
lines 33-42). 

57. As per claim 87, Leon teaches a method wherein the commands for audit support include 
one or more of create audit entry command, create audit key command, and export audit 
verification key command {see column 8 line 45-62). 
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58. As per claim 88, Leon teaches a method wherein the one or more commands 
corresponding to the administrative state include commands for one or more of create account 
command, delete account command, modify account command, view access control database 
command, end admin command, logon command, logoff command, query current user role 
command, query current user ED command, set clock command, get status command, session 
management commands, and audit entry creation command (see fig 5E-5E-2, column 1 7 lines 
47-54, 19 lines 33-42). 

59. As per claim 89, Leon teaches a method wherein the one or more commands 
corresponding to the exporting shares state include commands for one or more of logon 
command, logoff command, query Current User Role command, query current user ID 
command, export share command, abort export command, get status command, session 
management commands, and audit entry creation command (see fig 5 A, column 12 lines 30-42, 
table 1 in column 12). 

60. As per claim 90, Leon teaches a method wherein the one or more commands 
corresponding to the importing shares state include command for one more of logon command, 
logoff command, query current user role command, query current user ID command, export 
transport public key command, import share command, combine shares command, set status 
command, session management commands, and audit entry creation command (see fig 5E-5E-2, 
column 17 lines 47-54, 19 lines 33-42). 
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61. As per claim 9 1 , Leon teaches a method wherein the one or more commands 
corresponding to the error state include commands for one or more of get status command, and 
access control queries command (see abstract, figs 5f t see column 18 line 18-40, 24 line 60-25 
line 5). 

62. As per claim 92, Leon teaches a security system comprising computer executable code to 
keep track of a present operational state (see column 8 line 45-62). 

63. As per claim 93, Leon teaches a security system wherein the processor is programmed to 
verify that the authenticated user is authorized to assume a role and perform a corresponding 
operation (see column 8 line 45-62). 

64. As per claim 94, Leon teaches a security system wherein the system includes a computer 
executable code for supporting multiple concurrent users and maintaining a separation of roles 
and operations performed by each user (see fig I A, IB). 

65. As per claims 95-98, Leon teaches a secured system wherein a postage value including a 
postal indicium comprises a digital signature, a postage amount, an ascending register of used 
postage and descending register of available postage (see fig 8F, table 3 column 42). 
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66. As per claim 99-100, Leon teaches a security system wherein the value bearing item 
include a bar code is a ticket (see fig 9). 



67. As per claim 101, Leon teaches a security system wherein each security device 
transaction data includes information to define the present operational state of the device (see fig 
6A, column 9 line 35-67). 



68. As per claim 102, Leon teaches a security system wherein the cryptographic engine is 
programmed to perform one or more of Rivest, Shamir and Adleman (RSA) public key 
encryption, DES, Triple-DES, DSA signature, SHA-1, and Pseudo-random number generation 
algorithms (see column 11 lines 51-12 line 4, 13 line 47-62). 

69. As per claim 103, Leon teaches a method or printing a ticket, a bar code, a coupon, (see 
fig 9). 



70. As per claim 104, Leon teaches a method for securing data (SMD, 1 10a , 110b comprise a 
cryptographic module) in a computer network (network 100a, 100b, fig 1A, IB) having a 
plurality of user terminals (users, 120, fig 1A, IB) the method comprising and verifying that a 
user is authorized to assume a role and determining a state in a state machine for availability of 
one or more commands (see fig 1A, IB, 5 A, 6A, column 9 lines 34-67). Leon fail to teach an 
inventive concept of storing information about a plurality of users using the plurality of terminals 
in a database remote from the plurality of securing the information about the users in the 
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database by one or more of cryptographic devices remote from the plurality of user terminals 
storing a plurality of security device transaction data wherein each transaction data is related to 
one of the plurality of users and a cryptographic device manages value of available for the value 
bearing item. However Cordery et al teaches an inventive concept of storing information about a 
plurality of users using the plurality of terminals in a database remote from the plurality of 
securing the information about the users in the database by one or more of cryptographic devices 
remote from the plurality of user terminals storing a plurality of security device transaction data 
wherein each transaction data is related to one of the plurality of users (see abstract, fig 1, 4, 5, 
column 4 line 23-49) and a cryptographic device manages value of available for the value 
bearing item (see figs 1, 3 and 5, column 1 lines 24-65, ). Therefore, it would have been obvious 
to one of ordinary skill in the art at the time the invention was made to modify Leon's inventive 
concept to include Cordery et al's an inventive concept of storing information about a plurality 
of users using the plurality of terminals in a database remote from the plurality of securing the 
information about the users in the database by one or more of cryptographic devices remote from 
the plurality of user terminals storing a plurality of security device transaction data wherein each 
transaction data is related to one of the plurality of users and a cryptographic device manages 
value of available for the value bearing item because this would have protected the privacy of 
those transaction and the privacy of the user thereby making easier for the system to retrieve and 
identify the user of the system, thereby eliminated stolen and relocated meter problems and 
simplifies meter management in general. 



71. As per claim 1 05, Leon teaches a method of printing the value bearing item (see fig 9). 
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72. As per claim 106, Leon teaches a method of loading a security device transaction data 
related to a user into one of the one or more of cryptographic devices when the user requests to 
operate on a value bearing item {see column 9 lines 28-33, 13 lines 48-62, 15 lines 23-32). 

73. As per claim 107, Leon teaches a method of loading a security device transaction data 
related to the cryptographic device when the user requests to operate on a value bearing item {see 
column 9 lines 28-33, 13 lines 48-62, 15 lines 23-32). 

74. As per claim 108, Leon teaches a method of authenticating the identity of each user and 
verifying that the identified user is authorized to assume a role and to perform a corresponding 
operation {see column 8 lines 45-9 line 10). 

75. As per claims 109-1 15, Leon teaches a method of determining an uninitialized state, an 
initialized state, an operational state, an administrative state, an exporting shares state, an 
importing shares state, and an error state {see fib 5 A, 6A, column 9 lines 45-67). 

76. As per claims 1 16-120, Leon teaches a method of printing a postage value including a 
postal indicium comprises a digital signature, a postage amount, or a ticket {see fig 9). 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Firmin Backer whose telephone number is (703) 305-0624. The 
examiner can normally be reached on Mon-Thu 9:00 AM - 5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, James Trammell can be reached on (703) 305-9768. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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